Skip to content

Releases: ministryofjustice/cloud-platform-terraform-ecr-credentials

7.1.0

07 Oct 09:19
ad7eaaf
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: 7.0.0...7.1.0

v7.0.0

01 May 14:16
6e9c083
Compare
Choose a tag to compare

What's Changed

Full Changelog: 6.1.1...7.0.0

Breaking Changes

Headline:
If optional github_environments field is set, any pre-existing default repository ECR secrets and variables will be deleted.

This release introduces functionality that could potentially break some existing GitHub Actions pipelines that utilise GitHub Secrets and Variables. Please read this guidance thoroughly and check that your GitHub Actions workflows are configured correctly.

Action required

If you’re using the ECR module in your environment, and are not setting the optional github_environments field, then this 7.0.0 update will have no impact on your CI/CD workflows and you can ignore this guidance.

If you are setting the github_environments field, then you should be accessing your ECR secrets and variables:

ECR_ROLE_TO_ASSUME
ECR_REGION
ECR_REPOSITORY
(these will vary if you are setting github_actions_prefix in your module call)

from your own defined GitHub environments within your repository workflows. This can be verified by reviewing your GitHub Actions yaml ECR build configurations and verifying that your ECR secrets and variables are scoped within an environment block, similar to the below workflow snippet:

on:
  push:
    branches: [main]

jobs:
  ecr:
  environment: development          # <-- Your environment name here
    runs-on: ubuntu-latest
    ...
    ...
    steps:
     ...
     # Assume role in Cloud Platform
     - uses: aws-actions/configure-aws-credentials@v2
        with:
          role-to-assume: ${{ secrets.ECR_ROLE_TO_ASSUME }}          # <-- environment scoped secret
          aws-region: ${{ vars.ECR_REGION }}          # <-- environment scoped variable

Should you find any ECR secrets or variables that are referenced outside of an environment block's scope, then you are still using the default repository GitHub variables, and you must remediate before updating.

6.1.1

02 Feb 18:19
0386403
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: 6.1.0...6.1.1

v6.1.0

10 Aug 10:19
79c0bdb
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: 6.0.0...6.1.0

v6.0.0

27 Jul 10:16
64ad5be
Compare
Choose a tag to compare

What's Changed

Full Changelog: 5.3.0...6.0.0

5.3.0

28 Jun 15:39
7a86e2d
Compare
Choose a tag to compare

What's Changed

New Contributors

Full Changelog: 5.2.0...5.3.0

v5.2.0

01 Jun 21:27
4bd4406
Compare
Choose a tag to compare

What's Changed

Full Changelog: 5.1.4...5.2.0

v5.1.4

09 May 08:31
5db7b4f
Compare
Choose a tag to compare

What's Changed

  • Fix bug where IAM role isn't created but secrets are if oidc_providers isn't provided by @jakemulley in #74
  • Fix typing of repos_envs by @jakemulley in #75
  • Refactor GitHub OIDC integration by @jakemulley in #76

Full Changelog: 5.1.3...5.1.4

v5.1.3

03 May 16:18
fddad08
Compare
Choose a tag to compare

What's Changed

Full Changelog: 5.1.2...5.1.3

v5.1.2

03 May 09:30
0235d4e
Compare
Choose a tag to compare

What's Changed

Full Changelog: 5.1.1...5.1.2